-
-
Save sanfang0766/d56a476e9cab19179f5339106ab9624b to your computer and use it in GitHub Desktop.
Debian NAS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# Files | |
mkdir /files && chmod -R 777 /files | |
mkdir /files/docker | |
mkdir /files/www | |
mkdir /files/photos | |
mkdir /files/videos | |
mkdir /files/music | |
mkdir /files/documents | |
mkdir /files/downloads | |
apt -y update | |
apt -y install vim git curl wget unzip software-properties-common apt-transport-https ufw ca-certificates gnupg2 gpg wireguard-tools aria2 nginx | |
# 添加免密登陆公钥,authorized_keys 改为自己的公钥地址 | |
mkdir ~/.ssh | |
mkdir /root/.ssh | |
cd ~/.ssh | |
# wget https://name.com/authorized_keys | |
# chmod -R 600 ~/.ssh/authorized_keys | |
# cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys | |
# chmod -R 600 /root/.ssh/authorized_keys | |
# webmin | |
wget -q http://www.webmin.com/jcameron-key.asc -O- | apt-key add - | |
add-apt-repository "deb [arch=amd64] http://download.webmin.com/download/repository sarge contrib" | |
#docker | |
curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add | |
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | |
# Zerotier | |
curl -s 'https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg' | gpg --import && \ | |
if z=$(curl -s 'https://install.zerotier.com/' | gpg); then echo "$z" | sudo bash; fi | |
# 安装 | |
apt -y update | |
apt -y install webmin docker-ce samba | |
# ufw | |
ufw allow from 192.168.1.0/24 | |
ufw allow 6022 | |
ufw allow 6443 | |
ufw allow 443/tcp | |
ufw allow 80/tcp | |
ufw deny out 25 | |
ufw deny out 110 | |
ufw deny out 143 | |
ufw deny out 465 | |
ufw deny out 587 | |
ufw deny out 993 | |
ufw deny out 995 | |
systemctl enable ufw | |
systemctl start ufw | |
# Docker | |
systemctl enable docker | |
systemctl start docker | |
# Watchtower 自动更新 Docker | |
docker run -d \ | |
--name watchtower \ | |
--restart unless-stopped \ | |
-v /var/run/docker.sock:/var/run/docker.sock \ | |
containrrr/watchtower -c | |
# Docker UI,端口 10990 | |
mkdir -p /files/docker/portainer | |
docker pull portainer/portainer | |
docker run -d -p 10990:9000 --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /files/docker/portainer/portainer_data:/data --name dockerui portainer/portainer | |
# nginx UI | |
systemctl enable nginx | |
systemctl restart nginx | |
docker pull schenkd/nginx-ui | |
docker run -d -p 8080:8080 --restart=always -v /etc/nginx:/etc/nginx --name nginxui schenkd/nginx-ui | |
# Birwarden | |
#mkdir /files/docker/vaultwarden | |
#docker pull vaultwarden/server | |
#docker run -d --name vaultwarden -v /files/docker/vaultwarden:/data/ -p 10081:80 -p 10082:3012 vaultwarden/server:latest | |
# DDNS-GO 端口 9876 | |
mkdir /files/docker/ddns-go | |
docker pull jeessy/ddns-go | |
docker run -d --name ddns-go --restart=always --net=host -v /files/docker/ddns-go:/root jeessy/ddns-go | |
# WebDAV | |
mkdir -p /files/docker/webdav | |
cd /files/docker/webdav | |
wget https://gist.githubusercontent.com/sanfang0766/d56a476e9cab19179f5339106ab9624b/raw/08dcc19661d4efb30c6bf3daf7488c76210a146d/webdav.config.yml | |
docker pull hacdias/webdav | |
docker run --restart always --name=webdav -itd \ | |
-v /files:/files \ | |
-v /files/docker/webdav/webdav.config.yml:/opt/webdav.config.yml \ | |
-p 6080:6080 \ | |
hacdias/webdav --config /opt/webdav.config.yml | |
# Aria2 Pro | |
#mkdir -p /files/docker/aria2 | |
#docker pull p3terx/aria2-pro | |
# Jellyfin 影音库 | |
# mkdir /files/docker/jellyfin | |
# docker pull jellyfin/jellyfin | |
# 自动签到面板 | |
# mkdir /files/docker/qiandao | |
# docker pull a76yyyy/qiandao |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Server related settings | |
address: 0.0.0.0 | |
port: 6080 | |
auth: true | |
tls: false | |
# cert: /var/www/.ssl/fullchain.cer | |
# key: /var/www/.ssl/domain.key | |
prefix: / | |
# Default user settings (will be merged) | |
scope: . | |
modify: true | |
rules: [] | |
# CORS configuration | |
cors: | |
enabled: false | |
credentials: false | |
# 密码修改为自己的! | |
users: | |
- username: root | |
password: "{bcrypt}$2a$12$F3WjS/ToJEdCJkDeQoVNIezsk4bWkMmPtbYOszAkLfDflEqXzGoIO" | |
scope: /files |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment